Don't worry, the pop-up is misleadingly scary in this case!
Whenever you accept any kind of permission on Android, Google gives you the worst-case scenario. The pop-up you are seeing is actually saying "it is possible this feature could allow malwarebytes to see sensitive information" - it's not saying that the app does it.
In fact the Safe Browsing Service is not collecting any sensitive information at all. The scanner only looks for patterns which are URL's and then checks if they are dangerous to you. When it is finished, it forgets everything. The only thing that ever gets recorded is the malicious URL to show in the history if it blocks something - so that you can see it on the scanner page.
So just to repeat - the Safe Browsing Service would not even recognise a credit card number, so it would completely ignore it and it collects nothing!